Browse [LATEST] Elasticsearch Interview Questions & Answers - 2020
Elasticsearch Interview Questions and Answers

Last updated on 04th Jul 2020, Blog, Interview Questions

About author

Rakesh (Lead Engineer - Director Level )

Elasticsearch is an open-source, RESTful, scalable, document-based search engine built on the Apache Lucene library. It stores, retrieves and manages textual, numerical, geospatial, structured and unstructured data in the form of JSON documents, using the CRUD REST API or ingestion tools such as Logstash.

You can use Kibana, an open-source visualization tool, with Elasticsearch to visualize your data and build interactive dashboards for analysis.

Elasticsearch, built on the Apache Lucene search engine, stores data as JSON documents, which are indexed for faster searching. Due to indexing, a user can search text from JSON documents within 10 seconds.

1) Explain in brief about Elasticsearch?

Ans:

Elasticsearch, built on the Apache Lucene search engine, is a database that stores, retrieves and manages document-oriented and semi-structured data. It provides real-time search and analytics for structured or unstructured text, numerical or geospatial data.

2) Can you state the stable Elasticsearch version currently available for download?

Ans:

The latest stable version of Elasticsearch is 7.5.0.

3) To install Elasticsearch, what software is required as a prerequisite?

Ans:

The latest JDK 8, or Java version 1.8.0, is recommended as the software required for running Elasticsearch on your device.

4) Can you please give step by step procedures to start an Elasticsearch server?

Ans:

The server can be started from the command line. The following steps explain the process:

1. Click on the Windows Start icon at the bottom-left of the desktop screen.
2. Type command or cmd in the Windows Start menu and press Enter to open a command prompt.
3. Change directory to the bin folder of the Elasticsearch folder that was created when it was installed.
4. Type /Elasticsearch.bat and press Enter to start the Elasticsearch server.

This starts Elasticsearch from the command prompt in the background. Then open a browser, enter http://localhost:9200 and press Enter. This should display the Elasticsearch cluster name and other metadata values related to its database.

5) Name 10 companies that have an Elasticsearch as their search engine and database for their application?

Ans:

The following is a list of some companies that use Elasticsearch along with Logstash and Kibana:

  • Uber
  • Instacart
  • Slack
  • Shopify
  • Stack Overflow
  • DigitalOcean
  • Udemy
  • 9GAG
  • Wikipedia
  • Netflix
  • Accenture
  • Fujitsu

6) Please explain Elasticsearch Cluster?

Ans:

It is a group of one or more connected node instances that are responsible for distributing tasks, searching and indexing across all the nodes.

7) What is a Node in Elasticsearch?

Ans:

A node is an instance of Elasticsearch. Different node types are Data nodes, Master nodes, Client nodes and Ingest nodes.

8) What is an index in an Elasticsearch cluster?

Ans:

An Elasticsearch cluster can contain multiple indices, which are comparable to databases in a relational database system. These indices contain multiple types (tables). The types (tables) contain multiple Documents (records/rows), and these documents contain Properties (columns).

9) What is a Type in Elasticsearch?

Ans:

A Type here is like a table in a relational database. These types (tables) hold multiple Documents (rows), and each document has Properties (columns).

15) What is the syntax or code to delete an index in Elasticsearch?

Ans:

You can delete an existing index using the following syntax:

DELETE /<index_name>

_all or * can be used to remove/delete all the indices.

16) What is the syntax or code to list all indexes of a Cluster in Elasticsearch?

Ans:

You can get the list of indices present in the cluster using the following syntax:

GET /_<index_name>

GET index_name , in above case, index_name is .kibana

17) Can you tell me the syntax or code to add a Mapping in an Index?

Ans:

You can add a mapping in an index using the following syntax:

POST /_<index_name>/_type/_id

18) What is the syntax or code to retrieve a document by ID in Elasticsearch?

Ans:

GET API retrieves the specified JSON document from an index.

Syntax:

GET <index_name>/_doc/<_id>

19) Please explain relevancy and scoring in Elasticsearch?

Ans:

Suppose you search the internet for, say, Apple. The results could be about the fruit or about the company named Apple. You may want to buy the fruit online, check a recipe that uses the fruit, or read about the health benefits of eating apples.

In contrast, you may want to visit Apple.com to find the latest product range offered by the company, or check Apple Inc.'s stock price and how the company has performed on NASDAQ over the last 6 months, 1 year or 5 years.

Similarly, when you search for a document (a record) in Elasticsearch, you are interested in getting the relevant information that you are looking for. The probability that a result is relevant is calculated by the Lucene scoring algorithm.

Lucene finds a particular record, i.e. an indexed document, based on how frequently the search term appears in the document, how often it appears across the index, and the query, which is designed using various parameters.

20) What are the various possible ways in which we can perform a search in Elasticsearch?

Ans:

Mentioned below are the various possible ways in which we can perform a search in Elasticsearch:

Applying the search API across multiple types and multiple indexes: with the search API, we can search for an entity across multiple types and indices.

Search request using a Uniform Resource Identifier: we can issue search requests by passing parameters along with the URI, i.e. the Uniform Resource Identifier.

    21) What are the various types of queries that Elasticsearch supports?

    Ans:

    • Queries are mainly divided into two types: Full Text or Match Queries, and Term-based Queries.
    • Text Queries include basic match, match phrase, multi-match, match phrase prefix, common terms, query-string and simple query string.
    • Term Queries include term, exists, type, terms set, range, prefix, ids, wildcard, regexp and fuzzy.

    22) Can you compare between Term-based queries and Full-text queries?

    Ans:

    Full-text queries are Elasticsearch Domain Specific Language (DSL) queries that utilize the HTTP request body. They offer the advantage of being clear and detailed in their intent, and over time it is simpler to tune these queries.

    23) Please explain the working of aggregation in Elasticsearch?

    Ans:

    Aggregations help in the collection of data from the query used in the search. Different types of aggregations are Metrics, Average, Minimum, Maximum, Sum and stats, based on different purposes.

    24) Can you tell me data storage functionality in Elasticsearch?

    Ans:

    Elasticsearch is a search engine used for storing and searching complex data structures, which are indexed and serialized as JSON documents.

    25) What is an Elasticsearch Analyzer?

    Ans:

    Analyzers are used for text analysis; an analyzer can be either a built-in analyzer or a custom analyzer. An analyzer consists of zero or more character filters, at least one tokenizer and zero or more token filters.

    Character filters process the stream of string or numerical characters by stripping out HTML tags, searching the string for keys and replacing them with the related values defined in the mapping char filter, and replacing characters based on a specific pattern.

    The tokenizer breaks the stream of string into characters. For example, the whitespace tokenizer breaks the stream of string whenever it encounters whitespace between characters.

    Token filters convert these tokens to lower case, remove stop words like 'a', 'an', 'the' from the string, or replace characters with equivalent synonyms defined by the filter.

    26) What is a shard?

    Ans:

    Different applications need to employ multiple ElasticSearch instances on separate machines. Data in every index is divided into multiple partitions, each controlled by a separate ElasticSearch instance. Each such partition is termed a shard. By default, each ElasticSearch index possesses 5 shards.

    27) What is a replica?

    Ans:

    Each shard has 2 copies called replicas. They are highly-available and fault-tolerant.

    28) What is a document in ElasticSearch?

    Ans:

    A document is similar to a row in a relational database. Each document in the index can possess a different structure, but fields the documents have in common have the same data type.

    MySQL => Databases => Tables => Columns/Rows

    ElasticSearch => Indices => Types => Documents with Properties

    29) What are the basic operations you can perform on a document?

    Ans:

    The following operations can be performed on documents:

    1. INDEXING A DOCUMENT USING ELASTICSEARCH.
    2. FETCHING DOCUMENTS USING ELASTICSEARCH.
    3. UPDATING DOCUMENTS USING ELASTICSEARCH.
    4. DELETING DOCUMENTS USING ELASTICSEARCH.

    30) What is a type in ElasticSearch?

    Ans:

    A type is a logical index partition whose semantics are entirely up to the user.

    31) What are the common areas of use for Elasticsearch?

    Ans:

    • It is useful in applications that need to do analysis and statistics, and to find anomalies in data based on patterns.
    • It is useful where alerts need to be sent when a particular condition is matched, such as stock market events, exceptions in logs, etc.

    32) Define Analyzer in ElasticSearch?

    Ans:

    In ElasticSearch, data is transformed internally during indexing by the analyzer defined for the index, and then indexed. Analyzers are built of filters and tokenizers. The major types of analyzers available in ElasticSearch 1.10 are as follows:

    • simple analyzer
    • standard analyzer
    • keyword analyzer
    • language analyzers
    • snowball analyzer
    • custom analyzer
    • pattern analyzer
    • whitespace analyzer
    • stop analyzer

    33) What is the query language of Elasticsearch?

    Ans:

    Elasticsearch uses the Apache Lucene query language, which is also called Query DSL.

    34) Difference

    Ans:

    There are many differences between the two products, as shown below:

    Type           | Elasticsearch | MongoDB
    Indexing       | Uses Apache Lucene for indexing. Real-time indexing and searching power from Lucene, which allows creation of an index on every field of a document by default. | Based on traditional B+ Tree. Define the index, which improves query performance, but affects write operations.
    Language       | Implemented in Java | Implemented in C++
    Documents      | Stores JSON documents | Stores them in BSON (Binary JSON) format (though it looks the same as a JSON document to the end user).
    REST Interface | RESTful | Not RESTful
    Map Reduce     | Not Support MapReduce | Allow Map Reduce Operation
    Huge Data      | Store and Retrieve Huge Data | Store and Search Huge Data

    35) What is Elasticsearch Cluster ?

    Ans:

    A cluster is a collection of one or more nodes which provide the capability to search text on data scattered across the nodes. It is identified by a unique name within the network, so that all associated nodes join together by cluster name.

    Operation Persistent: The cluster also keeps records of all transaction-level changes to the schema whenever anything changes in the data for an index, and keeps track of the availability of nodes in the cluster, so that data remains easily available if any node fails over.

    [Figure: Elasticsearch Cluster]

    In the above screen, the Elasticsearch cluster "FACING_ISSUE_IN_IT" has three master nodes and four data nodes.

    36) What is Elasticsearch Node?

    Ans:

    A node is an Elasticsearch server which is associated with a cluster. It stores data and helps the cluster with indexing data and search queries. It is identified by a unique name in the cluster; if a name is not provided, Elasticsearch will generate a random Universally Unique Identifier (UUID) at server start.

    A cluster can have one or more nodes. When the first node starts, it forms a cluster with a single node; when other nodes start, they are added to that cluster.

    [Figure: Data Node Documents Storage]

    The above screen represents the data of two indexes, I1 and I2. Index I1 has two types of documents, T1 and T2, while index I2 has only type T2, and these shards are distributed over all nodes in the cluster. This data node holds the documents of shard (S1) for index I1 and shard (S3) for index I2. It also keeps replicas of the documents of shard S2 of indexes I2 and I1, which are stored on some other nodes in the cluster.

    37) What are types of Node in Elasticsearch?

    Ans:

    Within an Elasticsearch cluster, each node knows about the other nodes, and the role/responsibility of each individual node is decided based on configuration. Below are the Elasticsearch node types.

    • Master-Eligible Node.
    • Data Node.
    • Ingest Node.
    • Tribe Node/Coordinating Node.

    38) What is Master Node and Master Eligible Node in Elasticsearch?

    Ans:

    The master node controls cluster-wide operations such as creating or deleting an index, tracking which nodes are part of the cluster, and deciding which shards to allocate to which nodes. It is important for cluster health to have a stable master node. The master node is elected based on the configuration property node.master=true (the default).

    Master-eligible nodes are decided based on the configuration below:

    discovery.zen.minimum_master_nodes : number (default 1)

    and the above number is decided based on (master_eligible_nodes / 2) + 1

    39) What is Data Node in Elasticsearch?

    Ans:

    Data nodes hold the shards/replicas that contain the documents that were indexed. Data nodes perform data-related operations such as CRUD, search, aggregation, etc. Set node.data=true (the default) to make a node a data node.

    Data node operations are I/O-, memory-, and CPU-intensive. It is important to monitor these resources and to add more data nodes if they are overloaded. The main benefit of having dedicated data nodes is the separation of the master and data roles.

    40) What is Ingest Node in Elasticsearch?

    Ans:

    Ingest nodes can pre-process a document by applying an ingest pipeline to it, in order to transform and enrich the document before indexing. With a heavy ingest load, it makes sense to use dedicated ingest nodes, setting node.master and node.data to false and node.ingest=true.

    41) What is Tribe Node and Coordinating Node in Elasticsearch?

    Ans:

    A tribe node is a special type of node that can connect to multiple clusters and perform search and other operations across all connected clusters. A tribe node is configured with the tribe.* settings.

    A coordinating node behaves like a smart load balancer. If you take away a node's ability to handle master duties, to hold data, and to pre-process documents, then you are left with a coordinating node that can only route requests, handle the search reduce phase, and distribute bulk indexing.

    Every node is implicitly a coordinating node. This means that a node that has all three node.master, node.data and node.ingest set to false will only act as a coordinating node, which cannot be disabled. As a result, such a node needs to have enough memory and CPU in order to deal with the gather phase.

    42)  What are Benefits of Shards and Replica in Elasticsearch?

    Ans:

    • Shards split indexes into horizontal partitions for high volumes of data.
    • Operations run in parallel on the shards or replicas of an index across multiple nodes, which increases system performance and throughput.
    • Data is recovered easily when a node fails over, because a replica of the data exists on another node: a replica is always stored on a different node from the one where its shard exists.

    Some Important Points:

    When we create an index, by default Elasticsearch configures it with 5 shards and 1 replica, but we can configure this in the config/elasticsearch.yml file or by passing shard and replica values in the mapping when the index is created.

    Once an index is created we can't change its shard configuration, but we can modify the replicas. If the shards need to be updated, the only option is re-indexing.

    Each shard is itself a Lucene index, and it can hold a maximum of 2,147,483,519 (= Integer.MAX_VALUE – 128) documents. Merging of search results and failover are taken care of by the Elasticsearch cluster.
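Why the shard count is fixed at index creation while replicas are not, as an added Python sketch (not Elasticsearch code and not from the original page): a document's shard is derived from a hash of its routing value modulo the number of primary shards, so changing that number sends lookups to the wrong shard. SHA-256 stands in for Elasticsearch's own hash, and the round-robin allocator, document IDs and node names are assumptions constructed for illustration.

```python
import hashlib


def route(doc_id, num_primary_shards):
    """shard = hash(routing value) % number_of_primary_shards.

    The routing value defaults to the document ID. SHA-256 stands in for
    Elasticsearch's own hash function (an assumption of this sketch).
    """
    digest = hashlib.sha256(doc_id.encode("utf-8")).digest()
    return int.from_bytes(digest[:8], "big") % num_primary_shards


def moved_fraction(doc_ids, old_shards, new_shards):
    """Share of documents that would be looked up on the wrong shard if the
    primary shard count changed without re-indexing."""
    moved = sum(1 for d in doc_ids
                if route(d, old_shards) != route(d, new_shards))
    return moved / len(doc_ids)


def allocate(num_shards, nodes):
    """Round-robin layout with one replica per shard, never on the node that
    holds the primary (hypothetical allocator, far simpler than the real one)."""
    if len(nodes) < 2:
        raise ValueError("a replica needs a second node")
    return {
        shard: {"primary": nodes[shard % len(nodes)],
                "replica": nodes[(shard + 1) % len(nodes)]}
        for shard in range(num_shards)
    }


def available_after_failure(layout, failed_node):
    """Shards that still have at least one copy once failed_node is gone."""
    return {shard for shard, copies in layout.items()
            if set(copies.values()) - {failed_node}}


DOC_IDS = [f"doc-{i}" for i in range(1000)]   # constructed sample IDs
NODES = ["node-1", "node-2", "node-3"]         # constructed node names

if __name__ == "__main__":
    print("doc-42 lives on shard", route("doc-42", 5), "of 5")
    print("misrouted after 5 -> 6 shards:",
          f"{moved_fraction(DOC_IDS, 5, 6):.0%}")
    layout = allocate(5, NODES)
    for shard, copies in layout.items():
        print(shard, copies)
    print("shards still available without node-2:",
          sorted(available_after_failure(layout, "node-2")))
```

Adding replicas only adds copies of existing shards, so it never changes where a document routes; that is why the replica count can be modified on a live index.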

    43) What is Document in Elasticsearch?

    Ans:

    Each record stored in an index is called a document, which is stored as a JSON object. A document is similar to a row in RDBMS terms; the only difference is that each document can have a different number of fields and a different structure, but common fields should have the same data type.

    44) What is a Type in Elasticsearch ?

    Ans:

    A type is a logical category/grouping/partition of an index whose semantics are completely up to the user, and a type will always have the same number of columns for each document.

    ElasticSearch => Indices => Types => Documents with Fields/Properties

    45) What is a Document Type in Elasticsearch?

    Ans:

    A document type can be seen as the document schema / mapping definition, which has the mapping of all the fields in the document along with its data types.

    46) What is indexing in ElasticSearch ?

    Ans:

    The process of storing data in an index is called indexing in ElasticSearch. Data in ElasticSearch can be divided into write-once and read-many segments. Whenever an update/modification is attempted, a new version of the document is written to the index.

    47) What is the inverted index in Elasticsearch ?

    Ans:

    The inverted index is the backbone of Elasticsearch and is what makes full-text search fast. An inverted index consists of a list of all the unique words that occur in the documents and, for each word, a list of the document numbers and positions in which it appears.

    For example, take two documents with the following content:

    1: FacingIssuesOnIT is for ELK.

    2: If ELK check FacingIssuesOnIT.

    To build the inverted index, each document is split into words (also called terms or tokens) and the sorted index below is created.

    Term              | Doc_1 | Doc_2
    FacingIssuesOnIT  |   X   |   X
    is                |   X   |
    for               |   X   |
    ELK               |   X   |   X
    If                |       |   X
    check             |       |   X

    Now, when we run a full-text search for a string, documents are sorted based on the existence and number of occurrences of matching terms.

    Books usually have an inverted index on their last pages. Based on a word, we can find the page on which the word appears.

    48) What is an Analyzer in ElasticSearch ?

    Ans:

    While indexing data in Elasticsearch, data is transformed internally by the analyzer defined for the index, and then indexed. An analyzer is built from character filters, tokenizers and token filters. The following types of built-in analyzers are available in Elasticsearch 5.6.

    Analyzer | Description
    Standard Analyzer | Divides text into terms on word boundaries, as defined by the Unicode Text Segmentation algorithm. It removes most punctuation, lower cases terms, and supports removing stop words.
    Simple Analyzer | Divides text into terms whenever it encounters a character which is not a letter. It lower cases all terms.
    White space Analyzer | Divides text into terms whenever it encounters any white space character. It does not lowercase terms.
    Stop Analyzer | It is like the simple analyzer, but also supports removal of stop words.
    Keyword Analyzer | A "noop" analyzer that accepts whatever text it is given and outputs the exact same text as a single term.
    Pattern Analyzer | Uses a regular expression to split the text into terms. It supports lower-casing and stop words.
    Language Analyzer | Elasticsearch provides many language-specific analyzers like English or French.
    Finger Print Analyzer | A specialist analyzer which creates a fingerprint which can be used for duplicate detection.

    49) What is a Tokenizer in ElasticSearch ?

    Ans:

    A tokenizer receives a stream of characters, breaks it up into individual tokens (usually individual words), and outputs a stream of tokens. Inverted indexes are created and updated using these token values by recording the order or position of each term and the start and end character offsets of the original word which the term represents.

    An analyzer must have exactly one Tokenizer.

    50) What is Character Filter in Elasticsearch Analyzer?

    Ans:

    A character filter receives the original text as a stream of characters and can transform the stream by adding, removing, or changing characters. For instance, a character filter could be used to convert Hindu-Arabic numerals (٠‎١٢٣٤٥٦٧٨‎٩‎) into their Arabic-Latin equivalents (0123456789), or to strip HTML elements like from the stream.

    An analyzer may have zero or more character filters, which are applied in order.

    51) What are Token filters in an Elasticsearch Analyzer?

    Ans:

    A token filter receives the token stream and may add, remove, or change tokens. For example, a lowercase token filter converts all tokens to lowercase, a stop token filter removes common words (stop words) like "the" from the token stream, and a synonym token filter introduces synonyms into the token stream.

    Token filters are not allowed to change the position or character offsets of each token.

    An analyzer may have zero or more token filters, which are applied in order.
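The analysis chain from questions 48 to 51 feeding the inverted index from question 47, as an added Python sketch (not Elasticsearch code and not from the original page). The regex tokenizer, the stop-word list and document 3 are assumptions constructed for illustration; ranking is by count of matching term occurrences.

```python
import html
import re
from collections import defaultdict

STOP_WORDS = {"a", "an", "the"}  # assumed stop list (the words the page names)


def char_filter(text):
    """Character filter: strip HTML tags, then decode entities such as &amp;."""
    return html.unescape(re.sub(r"<[^>]+>", " ", text))


def tokenizer(text):
    """Tokenizer: one (term, position, start_offset, end_offset) per word.
    Offsets index into the text it receives, i.e. the filtered text."""
    return [(m.group(), pos, m.start(), m.end())
            for pos, m in enumerate(re.finditer(r"\w+", text))]


def token_filters(tokens):
    """Token filters: lowercase, then drop stop words.

    Positions and offsets pass through unchanged, so a removed stop word
    leaves a gap in the position sequence.
    """
    lowered = ((term.lower(), pos, start, end)
               for term, pos, start, end in tokens)
    return [tok for tok in lowered if tok[0] not in STOP_WORDS]


def analyze(text):
    """Full chain: character filter -> tokenizer -> token filters."""
    return token_filters(tokenizer(char_filter(text)))


class InvertedIndex:
    def __init__(self):
        # term -> {doc_id: [positions where the term occurs]}
        self.postings = defaultdict(dict)

    def add(self, doc_id, text):
        for term, pos, _start, _end in analyze(text):
            self.postings[term].setdefault(doc_id, []).append(pos)

    def search(self, query):
        """OR search; the query goes through the same analyzer as the documents.

        Score = number of occurrences of any query term in the document.
        """
        scores = defaultdict(int)
        for term in {tok[0] for tok in analyze(query)}:
            for doc_id, positions in self.postings.get(term, {}).items():
                scores[doc_id] += len(positions)
        return sorted(scores.items(), key=lambda kv: (-kv[1], kv[0]))


# Documents 1 and 2 are the page's examples; document 3 is constructed to
# exercise the character filter and the stop-word filter.
DOCS = {
    1: "FacingIssuesOnIT is for ELK.",
    2: "If ELK check FacingIssuesOnIT.",
    3: "<p>The <b>ELK</b> stack: check ELK logs</p>",
}


def build_sample_index():
    index = InvertedIndex()
    for doc_id, text in DOCS.items():
        index.add(doc_id, text)
    return index


if __name__ == "__main__":
    idx = build_sample_index()
    for term in sorted(idx.postings):
        print(f"{term:18} {idx.postings[term]}")
    print(idx.search("check the ELK"))
```

Because queries and documents pass through the same chain, a search for "ELK" matches the lowercased term "elk", and markup in document 3 never reaches the index.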

    52) How to check Elasticsearch Cluster Health?

    Ans:

    To check cluster health, request the URL below with curl or in your browser.

    GET /_cat/health?v

    53) What are the types of Cluster Health Status?

    Ans:

    • Green means everything is good (cluster is fully functional).
    • Yellow means all data is available but some replicas are not yet allocated (cluster is fully functional).
    • Red means some data is not available for whatever reason.
    • Note that even if a cluster is red, it is still partially functional (i.e. it will continue to serve search requests from the available shards), but you will likely need to fix it ASAP since you have missing data.

    54) How to know Number of Nodes?

    Ans:

    GET /_cat/nodes?v

    Response:

    ip        heap.percent ram.percent cpu load_1m load_5m load_15m node.role master name
    127.0.0.1           10           5   5    4.46                  mdi       *      PB2SGZY

    Here, we can see our one node named “PB2SGZY”, which is the single node that is currently in our cluster.

    55)  How to get list of available Indices in Elasticsearch Cluster?

    Ans:

    GET /_cat/indices?v

    56)  How to create Indexes?

    Ans:

    PUT /customer?pretty

    GET /_cat/indices?v

    57) How to delete Index and records?

    Ans:

    DELETE /customer?pretty

    GET /_cat/indices?v

    and

    PUT /customer
    PUT /customer/external/1
    {
      "name": "John Doe"
    }
    GET /customer/external/1
    DELETE /customer

    If we study the above commands carefully, we can actually see a pattern of how we access data in Elasticsearch. That pattern can be summarized as follows:

    <REST Verb> /<Index>/<Type>/<ID>

    This REST access pattern is so pervasive throughout all the API commands that if you can simply remember it, you will have a good head start at mastering Elasticsearch.

    58) How to update record and document fields value in Index?

    Ans:

    We’ve previously seen how we can index a single document. Let’s recall that command again:

    PUT /customer/external/1?pretty
    {
      "name": "John Doe"
    }

    Again, the above will index the specified document into the customer index, external type, with the ID of 1. If we then execute the above command again with a different (or the same) document, Elasticsearch will replace (i.e. reindex) a new document on top of the existing one with the ID of 1:

    PUT /customer/external/1?pretty
    {
      "name": "Jane Doe"
    }

    The above changes the name of the document with the ID of 1 from "John Doe" to "Jane Doe". If, on the other hand, we use a different ID, a new document will be indexed and the existing document(s) already in the index remain untouched.

    PUT /customer/external/2?pretty
    {
      "name": "John Doe"
    }

    The above indexes a new document with an ID of 2.

    When indexing, the ID part is optional. If not specified, Elasticsearch will generate a random ID and then use it to index the document. The actual ID Elasticsearch generates (or whatever we specified explicitly in the previous examples) is returned as part of the index API call.

    This example shows how to index a document without an explicit ID:

    POST /customer/external?pretty
    {
      "name": "John Doe"
    }

    Note that in the above case, we are using the POST verb instead of PUT since we didn’t specify an ID.

    59) What is the Elasticsearch search API?

    Ans:

    In Elasticsearch, the search APIs are used to search content. A user can search either by sending a GET request with the query string as a parameter, or by sending a query in the message body of a POST request. Mainly, all the search APIs are multi-index, multi-type.

    60) What is multi-index in Elasticsearch?

    Ans:

    Elasticsearch allows you to search for documents present in all the indices or in some specific indices.

    61) What is multi-type in Elasticsearch?

    Ans:

    Multi-type means that we can search all the documents in an index across all types or in some specified type.

    62) What are aggregations in Elasticsearch?

    Ans:

    It is a framework that collects all the data which is selected by the search query. It consists of many building blocks, which help in building complex data.

    The basic syntax or structure of an aggregation is:

    "aggregations" : {
        "<aggregation_name>" : {
            "<aggregation_type>" : {
                <aggregation_body>
            }
            [,"meta" : { [<meta_data_body>] } ]?
            [,"aggregations" : { [<sub_aggregation>]+ } ]?
        }
    }

    63) What are the different types of aggregations?

    Ans:

    Following are the different types of aggregations:

    • Metrics Aggregations
    • Bucket Aggregations

    64) What are the different metrics aggregations?

    Ans:

    Metrics aggregations help in computing metrics either from field values or from scripts. Following are the different types of metrics aggregations:

    • Avg Aggregation
    • Cardinality Aggregation
    • Extended Stats Aggregation
    • Max Aggregation
    • Min Aggregation
    • Sum Aggregation

    65) What is Avg Aggregation?

    Ans:

    Avg Aggregation – It is used to get the average of a numeric field. Example:

    Request:

    {
       "aggs":{
          "avg_fees":{"avg":{"field":"fees"}}
       }
    }

    Response:

    {
       "took":44, "timed_out":false, "_shards":{"total":5, "successful":5, "failed":0},
       "hits":{
          "total":3, "max_score":1.0, "hits":[
             {
                "_index":"schools", "_type":"school", "_id":"2", "_score":1.0,
                "_source":{
                   "name":"SPaul School", "description":"ICSES Affiliation",
                   "street":"Dawarka", "city":"Delhi", "state":"Delhi",
                   "zip":"110075", "location":[18.5733056, 57.0122136], "fees":5000,
                   "tags":["Good Faculty", "Great Sports"], "rating":"4.5"
                }
             },
             {
                "_index":"schools", "_type":"school", "_id":"1", "_score":1.0,
                "_source":{
                   "name":"Central School", "description":"CBSEW Affiliation",
                   "street":"Sagan", "city":"papola", "state":"HP", "zip":"165715",
                   "location":[31.8955385, 76.8380405], "fees":2200,
                   "tags":["Senior Secondary", "beautiful campus"], "rating":"3.3"
                }
             },
             {
                "_index":"schools", "_type":"school", "_id":"1", "_score":1.0,
                "_source":{
                   "name":"Central High School", "description":"CBSE Affiliation",
                   "street":"Gagan", "city":"papola", "state":"HP", "zip":"868815",
                   "location":[41.8955385, 79.8380405], "fees":2200,
                   "tags":["Senior Secondary", "Great infrastructure"], "rating":"3.9"
                }
             },
             {
                "_index":"schools", "_type":"school", "_id":"3", "_score":1.0,
                "_source":{
                   "name":"Crescent School", "description":"State Board Affiliation",
                   "street":"Tonk Road", "city":"Jaipur", "state":"RJ",
                   "zip":"176114", "location":[25.8535922, 35.8923988], "fees":2500,
                   "tags":["Labs"], "rating":"4.5"
                }
             }
          ]
       }, "aggregations":{"avg_fees":{"value":1133.3333333333335}}
    }

    66) What is Cardinality Aggregation?

    Ans:

    Cardinality Aggregation – It gives the count of distinct values. Example:

    Request body:

    {
       "aggs":{
          "distinct_name_count":{"cardinality":{"field":"name"}}
       }
    }

    67) What is Extended stats Aggregation?

    Ans:

    Extended stats Aggregation – It generates the statistics about a specific numerical field. Example:

    Request body:

    {
       "aggs" : {
          "fees_stats" : { "extended_stats" : { "field" : "fees" } }
       }
    }

    68) What is Max Aggregation?

    Ans:

    Max Aggregation – It gives the max value. Example:

    Request body:

    {
       "aggs" : {
          "max_fees" : { "max" : { "field" : "fees" } }
       }
    }

    69) What is Min Aggregation?

    Ans:

    Min Aggregation – It gives the min value. Example:

    Request body:

    {
       "aggs" : {
          "min_fees" : { "min" : { "field" : "fees" } }
       }
    }

    70) What is Sum Aggregation?

    Ans:

    Sum Aggregation – It gives the sum value. Example:

    Request body:

    {
       "aggs" : {
          "total_fees" : { "sum" : { "field" : "fees" } }
       }
    }

    71) What is the term dictionary in Elasticsearch?

    Ans:

    The term dictionary tells in which documents a term is used.

    72) What is term frequency in Elasticsearch?

    Ans:

    Term frequency tells the number of appearances of a term in a document. If the frequency is higher, then the document is more relevant.

    73) What is horizontal scaling in Elasticsearch?

    Ans:

    Adding more nodes to the same cluster is called horizontal scaling, because requests are distributed.

    74) What is vertical scaling in Elasticsearch?

    Ans:

    Adding more resources to a node, for example RAM or processor. That always increases performance.

    75) How do indexing and searching work in Elasticsearch?

    Ans:

    To understand indexing and searching in Elasticsearch, follow link

    76) How can a document be indexed in Elasticsearch using cURL?

    Ans:

    To understand indexing of document in Elasticsearch, follow link

    77) How can a document be searched in Elasticsearch using cURL?

    Ans:

    To understand searching of document in Elasticsearch, follow link

    78) What is the significance of the took field in the Elasticsearch search query result as shown in above image?

    Ans:

    It tells how much time Elasticsearch needed to process the request.

    79) What is the significance of the total field in the Elasticsearch search query result as shown in above image?

    Ans:

    It tells how many documents match in Elasticsearch. By default Elasticsearch shows 10 matching documents, but from total we can know how many documents match the criteria.

    80) What is the default operator used by Elasticsearch when searching words?

    Ans:

    OR.

    81) What is the name of the file where we specify Elasticsearch options?

    Ans:

    elasticsearch.yml

    82) What is the location of the elasticsearch.yml file in Windows?

    Ans:

    \elasticsearch-6.0.0\config

    83) How to change the cluster name in Elasticsearch?

    Ans:

    In elasticsearch.yml, add one entry:

    cluster.name: your-cluster-name

    84) Can we change an existing mapping in Elasticsearch? For example, if a field had type String, can we make it Integer?

    Ans:

    No

    85) What are the core field types in Elasticsearch?

    Ans:

    • Boolean
    • String
    • Numeric
    • Date

    86) How to index a field with multiple values, or in simple words an array?

    Ans:

    curl -XPUT 'localhost:9200/preparationforinterview/elasticsearch/topic' -H 'Content-Type: application/json' -d '{ "tags": ["indexing", "searching"] }'

    87) What are the predefined fields in Elasticsearch?

    Ans:

    Predefined fields provide metadata about the document. We don't need to populate these fields. For example, _timestamp gives information about when a document was indexed. Predefined fields always begin with _ (underscore).

    88) What is the _ttl predefined field in Elasticsearch?

    Ans:

    ttl means time to live. It enables Elasticsearch to remove a document after a specified time.

    89) What is the _source predefined field in Elasticsearch?

    Ans:

    The _source predefined field stores the original document in its original format. Whenever we search for a document, we get this field by default.

    90) How does Elasticsearch identify a document?

    Ans:

    Elasticsearch uses the combination of type and id in _uid to identify a document uniquely within the same index. _uid is used by Elasticsearch to identify a document internally, because Elasticsearch uses a Lucene index and Lucene has no concept of type; the type abstraction is provided by Elasticsearch. That is the reason both the type and the id of the document are stored in _uid.

    91) How can a document be updated in Elasticsearch using cURL?

    Ans:

    To understand updating of document in Elasticsearch, follow link

    92) How does Elasticsearch maintain concurrency control?

    Ans:

    By a version number for each document. When a document is indexed for the first time its version number is 1, and when a second update happens the version number becomes 2. If anyone else updates the document in the meantime, a version conflict occurs and that update is cancelled.
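
The version check described above, modelled in Python as an added example (not Elasticsearch's own code and not part of the original article). The class and function names are hypothetical; the model shows a stale writer being rejected and then succeeding after it re-reads the document.

```python
class VersionConflict(Exception):
    """The caller's expected version no longer matches the stored version."""

class VersionedIndex:
    """In-memory model: every successful write bumps the document version by 1."""

    def __init__(self):
        self._docs = {}  # doc_id -> (version, source)

    def get(self, doc_id):
        version, source = self._docs[doc_id]
        return version, dict(source)  # copy, so each caller edits its own view

    def index(self, doc_id, source, expected_version=None):
        current = self._docs.get(doc_id, (0, None))[0]
        if expected_version is not None and expected_version != current:
            raise VersionConflict(
                f"{doc_id}: expected v{expected_version}, stored v{current}")
        self._docs[doc_id] = (current + 1, dict(source))
        return current + 1

def update_with_retry(idx, doc_id, change, attempts=3):
    """Re-read the document and re-apply `change` when another writer got there first."""
    for _ in range(attempts):
        version, source = idx.get(doc_id)
        change(source)
        try:
            return idx.index(doc_id, source, expected_version=version)
        except VersionConflict:
            continue
    raise VersionConflict(f"{doc_id}: gave up after {attempts} attempts")

def demo():
    idx = VersionedIndex()
    first = idx.index("1", {"fees": 2200})                # first indexing: version 1
    v_a, doc_a = idx.get("1")                             # client A reads version 1
    v_b, doc_b = idx.get("1")                             # client B reads version 1
    doc_a["fees"] = 2500
    second = idx.index("1", doc_a, expected_version=v_a)  # A writes first: version 2
    doc_b["fees"] = 9999
    try:
        idx.index("1", doc_b, expected_version=v_b)       # B still holds version 1
        rejected = False
    except VersionConflict:
        rejected = True                                   # B's update is cancelled
    third = update_with_retry(idx, "1", lambda d: d.update(fees=d["fees"] + 100))
    return first, second, rejected, third, idx.get("1")[1]["fees"]

if __name__ == "__main__":
    print(demo())
```
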

    93) What is a closed index in Elasticsearch?

    Ans:

    A closed index does not allow write and read operations, and its data is not loaded in memory. We can restore it by opening the index again.

    94) What is the query component in a search request?

    Ans:

    This component configures the best documents to return based on their score. It is configured using the query DSL or the filter DSL.

    95) What is the size component in a search request?

    Ans:

    This component configures the number of documents to return.

    96) What is the sort component in a search request?

    Ans:

    This component configures the order in which documents should be returned. The default order is based on the _score value, in descending order.

    97) What is the _source component in a search request?

    Ans:

    This component configures which fields should be returned in the _source field. By default all fields are returned.

    98) What is the from component in a search request?

    Ans:

    This component configures from which page documents should be returned. This is used for pagination. For example, if 40 items are calculated but we want the documents from 20 onwards, then from will be 20.

    99) What is the default size of the page in the response of a search request?

    Ans:

    10.

    100) What is the difference between a query and a filter in Elasticsearch?

    Ans:

    A query calculates a score based on matching, so it is slower than a filter. Filters are cacheable: behind the scenes Elasticsearch computes bitsets for filters, so if the same filters are used in another search the bitsets are not calculated again.
